Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Portable Installer DLL File WMI Policy' = 'C:\zkuajygtjjaw\impwsfwb.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Block Call Software Auto] 'ImagePath' = 'C:\zkuajygtjjaw\impwsfwb.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Block Call Software Auto] 'Start' = '00000002'
- 'C:\zkuajygtjjaw\uzakshbfwk.exe' "c:\zkuajygtjjaw\impwsfwb.exe"
- 'C:\zkuajygtjjaw\impwsfwb.exe'
- 'C:\zkuajygtjjaw\jzq2hzliazs8jxopx.exe'
- C:\zkuajygtjjaw\impwsfwb.exe
- C:\zkuajygtjjaw\uzakshbfwk.exe
- C:\zkuajygtjjaw\ljckov
- %WINDIR%\zkuajygtjjaw\ye0pa2iwl
- C:\zkuajygtjjaw\ye0pa2iwl
- C:\zkuajygtjjaw\jzq2hzliazs8jxopx.exe
- C:\zkuajygtjjaw\uzakshbfwk.exe
- C:\zkuajygtjjaw\impwsfwb.exe
- C:\zkuajygtjjaw\jzq2hzliazs8jxopx.exe
- %WINDIR%\zkuajygtjjaw\ye0pa2iwl
- %WINDIR%\zkuajygtjjaw\ye0pa2iwl
- '5.##.147.158':23144
- '84.##8.130.85':27132
- '88.#48.36.4':25752
- '80.#4.199.6':49579
- '20#.#23.152.97':27682
- '20#.#36.131.186':52293
- '19#.#54.74.242':31770
- '17#.#40.117.149':27603
- ClassName: 'Shell_TrayWnd' WindowName: ''